Towards the end of 2017, there was a major shift in the malware scene. As cloud-based technologies became more popular, cybercrime gangs began targeting Docker and Kubernetes systems. Most of these attacks followed a very simple pattern where threat actors scanned for misconfigured systems that had admin interfaces exposed online in order to take over servers and deploy cryptocurrency-mining malware.

Over the past three years, these attacks have intensified, and new malware strains and threat actors targeting Docker (and Kubernetes) are now being discovered on a regular basis.  

But despite the fact that malware attacks on Docker servers are now commonplace, many web developers and infrastructure engineers have not yet learned their lesson and are still misconfiguring Docker servers, leaving them exposed to attacks. The most common of these mistakes is leaving Docker remote administration API endpoints exposed online without authentication.

https://www.zdnet.com/article/docker-malware-is-now-common-so-devs-need-to-take-docker-security-seriously/

December 02, 2020

Mark Bower

+ Follow Me - UnFollow Me

Senior Vice President

comforte AG

Platforms like Kubernetes enable immense application delivery power. However, the built-in security controls reflect classical data-at-rest and transport encryption, perimeter, and access control based security. While these controls are important, the last decade has seen leading enterprises and data processors shift towards data-centric over perimeter controls to combat advanced malware, ransomware, and insider risk to sensitive data. Fundamentally, to thwart the variations of malware and.....Read More

Platforms like Kubernetes enable immense application delivery power. However, the built-in security controls reflect classical data-at-rest and transport encryption, perimeter, and access control based security. While these controls are important, the last decade has seen leading enterprises and data processors shift towards data-centric over perimeter controls to combat advanced malware, ransomware, and insider risk to sensitive data. Fundamentally, to thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital even with advanced container and app orchestration ecosystems to avoid data compromise or attacks that can create havoc for data-hungry enterprises depending on them.  Read Less

Like(0)  (0)

×

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"To thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-docker-malware-is-now-common-devs-need-to-react-accordingly

Copy this message and share on your Linkedin profile. Thanks! COPY

×

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary at @Information Security Buzz.
"To thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-docker-malware-is-now-common-devs-need-to-react-accordingly

Copy this message and share on your Facebook profile. Thanks! COPY

Please login to comment.

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *

Your Registered Email *

Notification Email (If different from your registered email)

* By using this form you agree with the storage and handling of your data by this web site.

SUBMIT

Thank you, your expert comments have been submitted for review.

×

Upload Content

Youtube Link  

Image  

---

Youtube Link (Ex: https://www.youtube.com/watch?v=eUxUUarTRW4 )

Add

Uploading the content. Please wait....

Submit

×